Noted. The problem is not so simple to fix, but I do still think that it may be a problem worth solving. I don't recall any other user based system that does not allow users to change their own passwords. All operating systems of any value have this function. The problem with the present system is that someone ends up knowing everyone else's passwords and it does not encourage people to change their passwords regularly. I have noted the post from Mike Renfro pointing out http://www.zope.org/Members/tseaver/user_settable_passwords (Letting Normal Users Set Their Own Passwords) and I will implement this, but it seems to me such a function should be built into Zope. Tom => -----Original Message----- => From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Chris => Withers => Sent: Sunday, 1 July 2001 11:37 PM => To: tom@cameron.to => Cc: Mike Renfro; zope@zope.org => Subject: Re: [Zope] users managing their own user details => => => Tom Cameron wrote: => > => > One possible solution would be to modify the useredit form in => acl_users to => > ask users for thier existing password when setting a new one. => That way you => > could let them have access to the acl_users folder and be => confident that => > they will only change their own details. Not quite perfect but => much better. => => Not really, they'd also be able to change their own roles and => those of other => users :-( => => cheers, => => Chris => => => => _______________________________________________ => Zope maillist - Zope@zope.org => http://lists.zope.org/mailman/listinfo/zope => ** No cross posts or HTML encoding! ** => (Related lists - => http://lists.zope.org/mailman/listinfo/zope-announce => http://lists.zope.org/mailman/listinfo/zope-dev ) =>